Skip to main content

How to apply Basic Authentication In Web API.

Here, I will explain how to maintain security in webapi

Step : 1 Create a method for validate loginname and tokenkey. if exists then return true otherwise return false.
public static bool Vaidatecredentials(string loginname, string tokenkey)  
{  
    // Check if it is valid credential  
    if(true)//Check login name and token key exists in DB(loginname, password))  
    {  
        return true;  
    }
   else
    {  
        return false;  
    }              
} 

Step : 2 add a class, which is used as Authorization filter. The class BasicAuthenticationAttribute inherits from BasicAuthenticationAttribute abstarct class.
public class BasicAuthenticationAttribute : AuthorizationFilterAttribute  
{  
    public override void OnAuthorization(System.Web.Http.Controllers.HttpActionContext actionContext)  
    {  
        if (actionContext.Request.Headers.Authorization == null)  
        {  
            actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Unauthorized);  
        }  
        else  
        {  
            // accept header parameters  
            string Parameters = actionContext.Request.Headers.Authorization.Parameter;   
  
            // Gets loginname and tokenkey  
            string loginname = Parameters.Split(':')[0];  
            string tokenkey = Parameters.Split(':')[1];  
  
            // Validate loginname and tokenkey  
            if (!Vaidatecredentials(loginname, tokenkey))  
            {  
                // returns unauthorized error 401
                actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Unauthorized);  
            }  
        }  
  
        base.OnAuthorization(actionContext);  
    }  
}  

Step : 3 Now we need to register authorization filter. we can register at controller level.
 
[BasicAuthentication]  
public class BlogController : ApiController  
{  
    // Add your code here  
}  

Step: 4 Call Web API using AJAX request.
$.ajax({  
    url: 'http://localhost:9000/api/dcs',  
    type: "POST",  
    contentType: "application/json",  
    data: JSON.stringify(testdata),  
    dataType: "json",  
    headers: { 'Authorization' :'Basic ' + loginname + ':' + tokenkey) },  
    success: function (result) {  
        
    },  
    error: function (err) {  
        
    }  
});  

Comments

Popular posts from this blog

How To Implement NLog With WebAPI In Asp.Net(C#).

What is NLog? NLog is a flexible and free logging platform for various .NET platforms, including .NET standard. NLog is easy to apply and it includes several targets (database, file, event viewer). Which platform support it? .NET Framework 3.5, 4, 4.5, 4.6 & 4.7 .NET Framework 4 client profile Xamarin Android Xamarin iOS Windows Phone 8 Silver light 4 and 5 Mono 4 ASP.NET 4 (NLog.Web package) ASP.NET Core (NLog.Web.AspNetCore package) .NET Core (NLog.Extensions.Logging package) .NET Standard 1.x - NLog 4.5 .NET Standard 2.x - NLog 4.5 UWP - NLog 4.5 There are several log levels. Fatal : Something terrible occurred; the application is going down  Error : Something fizzled; the application might possibly proceed Warn : Something surprising; the application will proceed  Info : Normal conduct like mail sent, client refreshed profile and so on.  Debug : For troubleshooting; the executed question, the client confirmed, ...

Generating serial numbers and keys in Asp.net(C#).

here we are using GUID for generate serial numbers and GUID is always unique. Example format: XXXX-XXXX-XXXX-XXXX-XXXX-XXXX-XXXX. Guid SerialKeyGuid = Guid.NewGuid(); string AccessKey = SerialKeyGuid.ToString("N"); string AccessKeyLength = AccessKey.Substring(0, 28).ToUpper(); char[] serialArray = AccessKeyLength.ToCharArray(); string SerialNumber = ""; int P = 0; for (int B = 0; B < 28; B++) {                 for (P = B; P < 4 + B; P++)                 {                     SerialNumber += serialArray[P];                 }                 if (P == 28)                 {                     break;                 }         ...

Extracting Values from PDFs in .NET Core 8 without ASP.NET

Extracting data from PDF files is a common necessity for various tasks such as data analysis, content indexing, and information retrieval. While ASP.NET Core 8 offers robust tools for PDF manipulation, there are instances where developers may prefer alternatives for flexibility or specific project requirements. In this article, we'll explore how to extract values from PDF files within the .NET Core 8 ecosystem without relying on ASP.NET, using the PdfSharpCore library. We'll provide a step-by-step guide along with examples in C# to demonstrate how to accomplish this task effectively. Understanding PdfSharpCore: PdfSharpCore is a popular .NET library for PDF document manipulation. It provides functionalities to create, modify, and extract content from PDF files. In this guide, we'll focus on utilizing PdfSharpCore to extract text from PDF documents. Installing PdfSharpCore: Before we can start using PdfSharpCore in our .NET Core application, we need to install the PdfSharpCo...